Total 30,680 skills, Security & Compliance has 1088 skills
Real-time bidirectional communication with a security focus on CSWSH prevention, authentication, and message validation.
Configure network security groups and firewall rules to control inbound/outbound traffic and implement network segmentation.
Implement automated secrets rotation for API keys, credentials, certificates, and encryption keys. Use when managing secrets lifecycle, compliance requirements, or security hardening.
Quick reference for all Supabase security audit skills with usage examples and command overview.
List and test exposed PostgreSQL RPC functions for security issues and potential RLS bypass.
Generate a comprehensive Markdown security audit report with executive summary, findings, and remediation guidance.
CRITICAL - Detect if the Supabase service_role key is leaked in client-side code. This is a P0 severity issue.
Identify storage buckets that are publicly accessible and may contain sensitive data.
Test Supabase Realtime WebSocket channels for unauthorized subscriptions and data exposure.
CRITICAL - Detect exposed PostgreSQL database connection strings in client-side code. Direct DB access is a P0 issue.
Extract the Supabase anon/public API key from client-side code. This key is expected in client apps but important for RLS testing.
Attempt to list and read files from storage buckets to verify access controls.